(54) Abstract Title

System for communicating over a public network



(57) A system for communicating with a remote service
over a public network 18, such as the Internet, includes a
client device 10 with a memory card 28 or the like, a card
reader 26 and a public network communication device
such as a personal computer or television, and a
processor unit, such as a central gateway 12, which is
located remotely from the client device. The memory card
includes user details which are transmitted by the client
device to the processor unit, and may be encrypted. The
card reader may activate communication with the
processor unit upon insertion of the memory card, which
may be a smart card or magnetic card. The processor unit
may determine which of a plurality of services 14, 16 a user
is authorised to access. The system provides for secure
communication without burdening the user with
encryption or authorisation tasks.
At least one drawing originally filed was informal and the print reproduced here is taken from a later filed formal copy.

SECURITY SYSTEM

The present invention relates to a security system, for use for example in accessing
remote services such as on the Internet.

With the advent of modern technology, a growing number of transactions are being
carried out by the user across insecure networks. These can be, for example,
transactions involving confidential data and money for payment or investment. With
such transactions there are problems with security, fraud and so on. Various security
systems have been devised, such as use of personal identification numbers, encryption of
transmissions. While these systems usually work well for the particular applications for
which they have been designed, they can be a nuisance to use and can be difficult or
expensive to implement for a new service provider.

Systems have also been developed for Internet use. These systems concentrate on
authentication of the user and then, once this has been established, provide for un-encrypted
connection to the service. When particular transactions are undertaken, the
service determines whether encryption is necessary, for example to secure credit card
details. Other solutions require entry of credit card details for each transaction. These
systems inevitably must provide a balance between security and user convenience as the
encryption mechanisms used cause additional work for and complication to the user.

The present invention seeks to provide an improved security system.

According to an aspect of the present invention, there is provided a security system for
communicating with a remote service over a public network including a user card or
other memory device, a user located card or memory device reader, a user located public
network communication device and a processor unit located remotely from the user
located public network communication device, wherein the user card includes user details
and the user located public network communication device is operable to transmit the
user details to the processor unit.



Advantageously, the processor unit is operable to carry out encryption between it and the
user and to provide to the user a transparent path to the service. Thus, the user need not
be aware of any security steps taken or any encryption system used, this being carried
out by the card reader and the processor unit or central gateway.

The card may be any suitable device which can store user information and, preferably,
encryption data. The card can, for example, be a smart card, a magnetic card such as a
credit/debit card or store loyalty card or any other suitable device. In addition to the
card, the user may be required to input a secret identification code, such as an
identification number.

In the preferred embodiment, the system provides for the user to insert the card into
his/her card reader and to initiate the connection to the processor unit or central gateway.
Once the connection is made, the processor unit obtains the relevant data from the card
and upon verification by the identification code, allows the user access to the authorised
service without any intermediate tasks, such as requirements to encrypt or decrypt
transmitted data, to provide other user details and, where appropriate, account or payment
details. Thus, as with the preferred embodiment, all communications between the
processor unit and the user can be encrypted, without the user necessarily being aware of
or involved in this encryption. The communication between the user and the processor
unit can therefore be totally secure yet without user inconvenience.

Advantageously, communications between the service and the processor unit, which are 
preferably carried out via a secure link, need not be encrypted. 

The splitting of the encryption from the service results in being able to provide a
dedicated encryption device, the processor unit, which can therefore be designed to
maximise encrypted communication efficiency. Typically, encryption of all
communications from the service unit is not practicable because the service unit is not
designed for such a task and even if it were it would result in a loss of efficiency in
providing the service itself.
In the preferred embodiment, the processor unit is also able to determine which of a
plurality of services the user is authorised to access and/or the level of access such as
spending limit, and to control access to the service or relevant service on this basis. It
can also or alternatively undertake transactions against an account identified by the card.

An embodiment of the present invention is described below, by way of example only,
with reference to the accompanying drawings, in which:

Figure 1 is a schematic diagram of an embodiment of security system coupled to a
processor unit or central gateway and a service; and

Figure 2 is a flow chart of an example of validation routine for use with the system of
Figure 1.

Referring to Figure 1, the embodiment of security system shown is designed for
communications through the Internet or a similar public network.

The system includes an intelligent client device 10, which may be a personal computer,
television, or any other suitable device which can communicate with a remote system. A
processor unit, in this example a central gateway 12, is coupled between the client device
10 and one or more service units 14.

Communication between the client device 10 and the central gateway 12 is, in this
embodiment, via a public network 18 such as the Internet. Communication between the
central gateway 12 and the service units 14, 16 is, on the other hand, via a private
network 20 which cannot be accessed by the public.

The client device 10 is provided with an application and user interface 22, which can be
the usual computer devices such as monitor, keyboard and software in the case that it is a
personal computer; the screen and a suitable keyboard or keypad in the case that the
device 10 is a television or any other suitable device. The device 10 could also be a
portable telephone with suitable display and keypad.

The device 10 also includes suitable network protocol 24 for allowing communication to
the gateway 12 through the chosen network 18 or other public transmission medium.

The device 10 also includes a card reader 26 designed for reading the card-type chosen
for the system and a card 28 which is specific to that user. The card 28 could be a smart
card or magnetic card of the types well known or any other portable memory device. It
is envisaged that the card 28 could have other functions in addition to the security
function for this system, for example it could also be a credit/debit card, store loyalty
card and the like.

The card 28 has stored thereon one or more user identifiers, one or more encryption keys
and the desired service information, that is details of the service to which the user wants
access. His/her level of authorisation in the service and so on will be determined by the
central gateway 12.

The card reader 26 is designed, in the preferred embodiment, to be able to detect the
insertion of the card 28 thereinto and in response to such insertion to commence
immediately communication with the gateway 12 via the client device 10.

The central gateway 12 includes an encryption and network protocol stack 30 designed to
allow communication via the chosen public network 18 and to provide encryption of all
communications between itself and the client device 10. It also includes an
authentication and validation unit 32 for authenticating the client data from the client card
28. The authentication and validation unit 32 is coupled to a verification database 34 of
the gateway 12 in which is stored the identification data of all the users registered for the
services 14, 16. The database 34 may be provided either within the gateway 12 or in a
remote database 34' accessed through secure network 20.

The authentication and validation unit 32 is also coupled to service access permission unit
36 designed to control the type of access to the service units 14, 16 in dependence upon
the user's authority.



Also provided in the gateway 12 are a typical HTTP server for management of the
gateway 12 and an authentication and attachment unit 38 for communicating with the
desired services 14, 16 and with any remote verification database 34'.

The central gateway 12 is designed specifically for encrypting all communications over
the public network 18 and for carrying out the authentication procedure.

The operation of this embodiment will now be described with reference to Figure 2.

Insertion 50 of the card 28 into the card reader 26 prompts the card reader 26 to
commence automatically the connection to the gateway 12. For this purpose, card reader
26 activates a software component in the device 10 to establish a communication link
with the gateway 12 on the basis of information stored on the card 28 about the location
on the Internet and access details of the gateway 12.

When a connection with the gateway 12 is established, the gateway 12 requests the user's
personal identification code which is then inputted 52 at a suitable prompt on the user
interface 22.

Validation 54 of the user's details and identification code is carried out either internally
of the gateway 12, by the units 32 and 34, or externally at the verification database 34'.

If the gateway 12 determines 54 that the user's identification code is invalid, the user is
rejected 56 and the connection is cut 58. On the other hand, if it is determined 54 the
user's identification code is valid, the gateway 12 determines 60 the desired service 14,
16 and level of service to be provided and connects 62 to the desired service unit 14, 16.




During the connection to the desired service 14, 16, all data transfers between the
gateway 12 and user device 10 are encrypted on the basis of the encryption keys on the
user's card 28 and within verification database 34, while all data transfers between the
gateway 12 and the service units 14, 16 through the private network 20 are not encrypted
for ease of access and for increased efficiency. In practice, the user will not be aware of
the encryption between him/her and the gateway 12 as this will be carried out as a
background task. Moreover, the user will not need to re-confirm his/her identity or
financial details as these will be provided by the card 28 or gateway 12.

The gateway 12, in some embodiments, records the activities of the client, such as
transaction details, either within the gateway 12 or in a remote memory accessed via a
private network.

Disconnection from the services 14, 16 is, in this embodiment, effected simply by
removing 64 the card 28 from the card reader 26.

Thus, connection is made by a simple two step process of inserting the card 28 into the
reader 26 and entering the user identification code and disconnection is effected by
removing the card 28 from the card reader 26. The user is not involved in any other
authentication or encryption process and need not re-enter personal details.
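
The validation routine of Figure 2 (steps 54 to 62), written in Python as an added example; it is not code from the patent. The record layout, the salted PBKDF2 storage of the identification code, the constant-time comparison and every name and sample value are assumptions made for illustration.

```python
import hashlib, hmac, os
from dataclasses import dataclass, field

def code_digest(code: str, salt: bytes) -> bytes:
    # Assumption: database 34 stores a salted PBKDF2 digest, never the code itself.
    return hashlib.pbkdf2_hmac("sha256", code.encode(), salt, 100_000)

@dataclass
class UserRecord:                 # one entry of verification database 34
    salt: bytes
    digest: bytes
    services: dict                # service name -> level of access (e.g. spending limit)

@dataclass
class Gateway:                    # central gateway 12
    db: dict                      # user identifier (read from card 28) -> UserRecord
    log: list = field(default_factory=list)   # recorded client activity

    def validate(self, user_id: str, code: str, desired_service: str):
        """Steps 54-62: returns (connected, level_of_service)."""
        rec = self.db.get(user_id)
        # Derive a digest even for unknown identifiers so that both
        # failure paths do the same amount of work.
        digest = code_digest(code, rec.salt if rec else b"\0" * 16)
        if rec is None or not hmac.compare_digest(digest, rec.digest):
            self.log.append((user_id, "rejected"))            # reject 56, cut 58
            return (False, None)
        level = rec.services.get(desired_service)             # determine 60
        if level is None:                                     # not authorised for it
            self.log.append((user_id, "not authorised: " + desired_service))
            return (False, None)
        self.log.append((user_id, "connected: " + desired_service))   # connect 62
        return (True, level)

def demo_gateway() -> Gateway:
    # Constructed sample data: one registered user allowed onto one service.
    salt = os.urandom(16)
    record = UserRecord(salt, code_digest("4921", salt), {"service-14": 500})
    return Gateway({"user-001": record})

if __name__ == "__main__":
    gw = demo_gateway()
    print(gw.validate("user-001", "4921", "service-14"))
    print(gw.validate("user-001", "0000", "service-14"))
    print(gw.log)
```

The user identifier and desired service are the values the description places on card 28; only the identification code is typed by the user.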

This system can be used for any remote service, including business to consumer (in
which case the card could be designed also to function as a store or credit card), business
to business (for example for transactions on account) and for internal networking (where
the activity of staff, for example, needs to be secured).

It will be apparent from the above that the system can provide simple but absolutely
secure access to a remote service. Moreover, by identifying the user to the desired
service, user access can be customised. By removing the need for entry of account
details, transactions into the desired service become quicker and less risky from the user's
perspective.

Performance of the services can also be enhanced by carrying out the encryption tasks
within the gateway rather than in the service units.

In addition, the service company can establish a relationship with the user by providing
the user with the card and, possibly, also with the card reader.

It will be apparent that the card 28 and card reader 26 could be configured to
communicate with a plurality of separate gateways 12.

CLAIMS

1. A security system for communicating with a remote service over a public network
including a user card or other memory device, a user located card or memory device
reader, a user located public network communication device and a processor unit located
remotely from the user located public network communication device, wherein the user
card includes user details and the user located public network communication device is
operable to transmit the user details to the processor unit.


2. A security system according to claim 1, wherein the processor unit is operable to
carry out encryption between itself and the user.

3. A security system according to claim 1 or 2, wherein the card has stored thereon
user information and, preferably, encryption data.

4. A security system according to claim 3, wherein the card is a smart card, a
magnetic card or any other suitable device.

5. A security system according to any preceding claim, wherein the card reader is
operable to activate communication with the remote processor means upon insertion of a
card thereinto.

6. A security system according to any preceding claim, wherein the processor unit is
operable to encrypt substantially all communications between the user and itself.

7. A security system according to any preceding claim, wherein the processor unit is
operable to determine which of a plurality of services a user is authenticated onto the
desired service.






8. A security system substantially as hereinbefore described with reference to and as
illustrated in the accompanying drawings.